NAT-T/UDPENCAP patch from stable/7
Alexander Zagrebin
alex at zagrebin.ru
Mon Jan 24 06:13:26 UTC 2011
Hi!
On 23.01.2011 16:13:48 +0000, Bjoern A. Zeeb wrote:
> here is a version of the NAT-T/UDPENCAP patch as in 8 and 9 for
> today's stable/7 for anyone who might want/need it. I would
> expect it will equally apply to 7.4-RELEASE once that happened.
>
> http://people.freebsd.org/~bz/20110123-01-stable7-natt.diff
>
> You will need to figure out the right version of ipsec-tools or other
> IKE clients yourself though.
Until now (at least on the 8.2-PRERELEASE) the setkey from the base
distribution doesn't dump the SAD entries (`setkey -D`) if NAT-T is used.
It reports: "Invalid extension type".
Will be this fixed?
--
Alexander Zagrebin
More information about the freebsd-net
mailing list